220 likes | 409 Views
Net-SNMP. Ju Hong Taek College of Information and Communication Keimyung University Tel: 053-580-5234 Email: juht@kmu.ac.kr. Contents. Net-SNMP Package History of Net-SNMP Applications of Net-SNMP Trap Daemon Architecture of Net-SNMP Agent How to extend SNMP agents with Net-SNMP
E N D
Net-SNMP Ju Hong Taek College of Information and Communication Keimyung University Tel: 053-580-5234 Email: juht@kmu.ac.kr
Contents • Net-SNMP Package • History of Net-SNMP • Applications of Net-SNMP • Trap Daemon • Architecture of Net-SNMP Agent • How to extend SNMP agents with Net-SNMP • Net-SNMP URL: www.net-snmp.org
Net-SNMP Package • An extensible agent • An SNMP library • tools to get or set information from SNMP agents • tools to generate and handle SNMP traps • a Tk/perl mib browser
History of Net-SNMP • Originally based on the Carnegie Mellon University implementations • University of California at Davis SNMP extends CMU-SNMP, calls UCD-SNMP • UCD-SNMP moves to Net-SNMP in April, 2002 (Web sites also moves from www.ucd-snmp.net to www.net-snmp.net) • Now, Net-SNMP 5.1.1 released
Applications (1) • snmpcmd [Common OPTIONS] AGENT [PARAMETERS] • Common command line arguments • Common OPTIONS • -c community • -v 1 | 2c | 3 • -r retries • -t timeout • snmpget [COMMON OPTIONS] [-Cf] OID [OID]... • SNMP application that uses the SNMP GET request to query for information on a network entity • Ex) snmpget -c public localhost system.sysDescr.0 • Result) system.sysDescr.0 = Linux enterflex2.postech.ac.kr …
Applications (2) • snmpset [COMMON OPTIONS] OID TYPE VALUE • SNMP application that uses the SNMP SET request to set information on a network entity • Type: i (INTEGER), u (UNSIGNED), s (STRING)… • ex) snmpset -c private -v 1 localhost system.sysContact.0 s mjchoi@postech.ac.kr • snmpwalk [APPLICATION OPTIONS] [COMMON OPTIONS] [OID] • SNMP application that uses SNMP GETNEXT requests to query a network entity • Retrieves lots of data, a part of MIB tree (subtree) at once • Ex) snmpwalk -c public localhost system • Result) system.sysDescr.0 = … system.sysObjectID.0 = … system.sysUpTime.0 = …
Applications (3) • snmpstatus [COMMON OPTIONS] • SNMP application that retrieves several important statistics from a network entity. • The IP address of the entity. sysDescr.0 / sysUpTime.0 /… • Ex) snmpstatus -c public -v 1 localhost • Result) [127.0.0.1] [Linux enterflex2 .postech . ac .kr 2.4.7-10 #1 Thu Sep 6 17 :27:27 EDT 2001 i386 ]… • snmptranslate [OPTIONS] OID [OID]... • Application that translates SNMP object identifier values from their symbolic (textual) forms into their numerical forms • Ex) snmptranslate system.sysUpTime.0 • Result) .1.3.6.1.2.1.1.3.0
Applications (4) • snmptrap [COMMON OPTIONS] [-Ci] enterprise-oid agent generic-trap specific-trap uptime [OID TYPE VALUE] • SNMP application that uses the SNMP TRAP operation to send information to a network manager • Definition) TRAP-TEST-MIB DEFINITIONS ::= BEGIN IMPORTS ucdExperimental FROM UCD-SNMP-MIB; demotraps OBJECT IDENTIFIER ::= { ucdExperimental 990 } demo-trap TRAP-TYPE STATUS current ENTERPRISE demotraps VARIABLES { sysLocation } DESCRIPTION "This is just a demo" ::= 17 END • Ex) snmptrap –v 1 -c public host TRAP-TEST-MIB::demotraps localhost 6 17 '' SNMPv2-MIB::sysLocation.0 s "Just here"
Applications (5) • Etc. • snmpgetnext: retrieving unknown indexed data. • snmpbulkwalk :uses SNMP GETBULK requests to query a network entity • snmptable: displaying table. • snmpnetstat: symbolically displays the values of various network-related information retrieved from a remote system using the SNMP protocol
Trap Daemon • snmptrapd [OPTIONS][LISTENING ADDRESSES] • SNMP application that receives and logs SNMP TRAP • the default is to listen on UDP port 162 • snmptrapd is displayed as follows • Result) 1999-11-12 23:26:07 localhost [127.0.0.1] TRAP-TEST-MIB::demotraps: Enterprise Specific Trap (demo-trap) Uptime: 1 day, 5:34:06 SNMPv2-MIB::sysLocation.0 = "Just here"
Architecture of SNMP Agent S N M P M A N A G E R Managed System SNMP Agent Embedded System Application Mgmt. Backend Interface Trap Monitor Operation Processor Message Generator Message Parser BER Decoder & Encoder Connection Listener Response/ Trap Request
How to Extend (1) • Define a private MIB: Example of Cluster MIB
How to Extend (2) • Download net-snmp-5.0.8.tar.gz • Decompress the file in your home directory command: gtar xvfz net-snmp-5.0.8.tar.gz • Compile default SNMP agent • cd net-snmp-5.0.8 • ./configure --prefix=“/usr/local/net-snmp” • make • make install
How to Extend (3) • Install SNMP perl module for using mib2c • cd net-snmp-5.0.8 • cd perl • perl Makefile.PL -NET-SNMP-CONFIG=“sh ../../net-snmp-config” -NET-SNMP-IN-SOURCE=true • make • make test • make install
How to Extend (4) • Compile the private MIB file using mib2c • cd net-snmp-5.0.8 • cd local • mkdir cluster • copy the private mib in the current directory ex) cp ~mjchoi/cluster.my ./cluster.my • export MIBS=ALL • MIBS=./cluster.my • mib2c -c mib2c.scalar.conf generalInfo • mib2c -c mib2c.scalar.conf currentStatus • mib2c -c mib2c.array-user.conf loadBalancer • mv generalInfo.* cluster • mv currentStatus.* cluster • mv loadBalancer.* cluster • cp –r cluster ../agent/mibgroup/.
How to Extend (5) • Code the extension agent • Header file: add necessary definitions • C file (1) Module definition: the code defining the contents of the MIB e.g. static oid clusterName_oid[] = { 1, 3, 6, 1, 3, 1, 1, 1, 0 }; (2) Module initialization: initialization before they can start providing the necessary information e.g.netsnmp_register_instance(netsnmp_create_handler_registration ("clusterName", do_clusterName, clusterName_oid, OID_LENGTH(clusterName_oid), HANDLER_CAN_RWRITE));
How to Extend (6) • Code the extension agent (3) Variable handling: actually handles a request for a particular variable instance e.g. char clusterName[NAME_LEN]; int *var_len; (4) Non-table-based modules: the request handling routine is to retrieve any necessary scalar data e.g. switch (reqinfo->mode) { case MODE_GET: snmp_set_var_typed_value(requests->requestvb, ASN_OCTET_STR, (u_char *) clusterName, var_len); break; … }
How to Extend (7) • Code the extension agent (5) Simple tables: process a simple table with limited table index e.g. int serviceTable_handler(netsnmp_mib_handler *handler, netsnmp_handler_registration *reginfo, netsnmp_agent_request_info *reqinfo, netsnmp_request_info *requests) { … switch (reqinfo->mode) { case MODE_GET: switch (table_info->colnum) { case COLUMN_SRINDEX: snmp_set_var_typed_value(var, ASN_INTEGER, …); break; … } … } … }
How to Extend (8) • Code the extension agent (6) General tables: process a general table, which the maximum index is not determinable e.g. Init_{Name}_Entry(); // Perform any necessary initialization while (( index = Get_Next_{Name}_Entry() ) != EndMarker ) { construct OID from vp->name and index compare new OID and request if valid { save current data if finished // exact match, or ordered table break; // so don't look at any more entries } … } …
How to Extend (9) • Code the extension agent (7) Set-able object: the handling of SNMPSET e.g. switch (reqinfo->mode) { … case MODE_SET_ACTION: // XXX: perform the value change here if ( /* XXX: error? */ ) { netsnmp_set_request_error(reqinfo, requests, “error_msg.”); } break; case MODE_SET_COMMIT: // XXX: delete temporary storage if ( /* XXX: error? */ ) { netsnmp_set_request_error(reqinfo, requests, SNMP_ERR_COMMITFAILED); } break; } …
How to Extend (10) • Compile the MIB extension and generate SNMP daemon • ./configure --with-mib-modules=“cluster/generalInfo, cluster/currentStatus, cluster/loadBalancer” • cd agent • make • ./snmpd –c config_file (ex) ./snmpd –c /etc/snmp/snmpd.conf • snmpd [OPTIONS] [LISTENING ADDRESSES] • SNMP agent which binds to a port and awaits requests from SNMP management software. • collects the requested information and/or performs the requested operations and returns the information to the sender. • By default, snmpd listens for SNMP requests on UDP port 161.
How to Extend (11) • Modify snmpd.conf for SNMP community # First, map the community name # sec.name source community com2sec clusterUser default postech # Second, map the security name into a group name: # groupName securityModel securityName group clusterGroup v1 clusterUser # Third, create a view for us to let the group have rights to: # name incl/excl subtree mask(optional) view mibview included .iso.org.dod.internet # Finally, grant the group read-only access to the systemview view. # group context sec.model sec.level prefix read write notif access clusterGroup "" any noauth exact mibview mibview none